Data Aggregation Device

An aspect of the present disclosure relates to a data aggregation device that collates and aggregates data possessed by each of two or more organizations.

Patent Literature 1 discloses an operation processing system that

distributes a collation batch process for collating first data and second data of which each includes a plurality of entries to a plurality of calculation servers and causes the plurality of calculation servers to perform the collation batch process.

Patent Literature 1: Japanese Unexamined Patent Publication No. 2012-008670

However, in the operation processing system, for example, data cannot be collated for each group. Therefore, there is need for collating data for each group.

According to an aspect of the present disclosure, there is provided a data aggregation device that collates and aggregates data which is possessed by each of two or more organizations and which is correlated with individuals and groups, the data aggregation device including an aggregation unit configured to collate and aggregate the data, which is correlated with collation identifiers which are identifiers for identifying the individuals and the groups, for each group on the basis of the collation identifiers.

According to this aspect, data is collated and aggregated for each group on the basis of a collation identifier. That is, it is possible to collate data for each group.

According to the aspect of the present disclosure, it is possible to collate data for each group.

Hereinafter, an embodiment of the present disclosure will be described in detail with reference to the accompanying drawings. In description with reference to the drawings, the same elements will be referred to by the same reference signs, and repeated description thereof will be omitted. The embodiment of the present disclosure in the following description is a specific example of the present disclosure, and the present disclosure is not limited to the embodiment unless there is description for limiting the present disclosure.

is a diagram illustrating an example of a system configuration of a data aggregation systemincluding a data aggregation deviceaccording to an embodiment. As illustrated in, the data aggregation systemincludes a data aggregation deviceand a data transmission device. The data aggregation deviceand the data transmission deviceare communicatively connected to each other via a network such as the Internet and can mutually transmit and receive information. In this embodiment, one data transmission deviceis assumed, but the number of data transmission devicesis not limited thereto and a plurality of data transmission devicesmay be provided.

When the plurality of data transmission devicesare provided, each data transmission deviceis communicatively connected to the data aggregation devicevia a network, and they can mutually transmit and receive information.

The data aggregation deviceis a computer (server) device that collates and aggregates data which is possessed by each of two or more organizations and which are correlated with individuals and groups.

Regarding two or more organizations, company A and company B which are two organizations are assumed in this embodiment, but the number of organizations is not limited thereto and three or more organizations may be provided. It is assumed that the data aggregation devicestores data managed by company A and possessed by company A. It is also assumed that the data is correlated with individuals and groups. On the other hand, it is assumed that the data transmission devicestores data managed by company B and possessed by company B. Similarly, it is assumed that the data is correlated with individuals and groups. The data aggregation devicecollates and aggregates data possessed by company A and stored in the data aggregation deviceand data possessed by company B and stored in the data transmission device.

is a diagram illustrating data association of data possessed by each of two companies. Specifically, in, data possessed by company A and stored in the data aggregation deviceand data possessed by company B and stored in the data transmission deviceare associated (collated, aggregated, and the like). In data association, data may be associated without mutual revealing of data. In this case, data in the process of collation and aggregation is not disclosed to anybody. Examples of a technique for associating data without mutual revealing of data include de-identification process, secure computation, and disclosure limitation process. Details thereof will be described later.

A group is a group of persons or objects which are classified on the basis of common characteristics. Examples of the group include a day of the week, an event, a boarding flight, and a purchased article.

The group may be a unit of aggregation when data is collated. The group may be a unit of aggregation when two or more companies collate data on the basis of user identifiers for identifying individuals. For example, when data is collated for each day of the week, a unit of aggregation at this time of collation is a group. No individuals correlated with data which is correlated with the same group may overlap. That is, no user identifiers may overlap in a group. User identifiers should not overlap in a group. In this embodiment, a “user” (which may be appropriately replaced with an “individual” in this embodiment) corresponding to an individual is not a user of the data aggregation device, but a user in a general broad meaning.

The data transmission deviceis a computer (server) device that stores data possessed by company B as described above. The data transmission devicetransmits data stored therein or data based on the data to the data aggregation devicefor collation and aggregation in the data aggregation device.

is a diagram illustrating an example of a functional configuration of the data aggregation deviceaccording to the embodiment. The data aggregation deviceincludes a storage unit, an input unit, an aggregation unit(an aggregation unit), a calculation unit(a calculation unit), a disclosure limitation unit(a disclosure limitation unit), and an output unit, as illustrated in.

The functional blocks of the data aggregation deviceare assumed to operate in the data aggregation device, but are not limited thereto. For example, some of the functional blocks of the data aggregation devicemay be provided in a computer device other than the data aggregation deviceand connected to the data aggregation devicevia a network and serve to appropriately transmit and receive information to and from the data aggregation device. Some functional blocks of the data aggregation devicemay be omitted, a plurality of functional blocks may be unified into one functional block, and one functional block may be divided into a plurality of functional blocks.

The functions of the data aggregation deviceillustrated inwill be described below.

The storage unitstores arbitrary information used for calculation or the like in the data aggregation device, calculation results in the data aggregation device, and the like. For example, the storage unitstores data possessed by company A. Information stored in the storage unitmay be appropriately referred to by the functions of the data aggregation device.

The input unitreceives an input of data to be collated (for both collation). The input data is correlated with individuals and groups. For example, the input unitreceives an input of data possessed by company A and stored in the storage unit. The input unitmay receive an input of data divided into groups.

is a diagram illustrating an example of data possessed by company A. The data illustrated inis a user list which is a list of individuals for each group. As illustrated in, in the user list, individuals of which a user identifier for identifying an individual is “aaa” and “bbb” are included in group 1 “Monday” of which a group identifier for identifying a group is “Monday,” and individuals of which a user identifier for identifying an individual is “aaa” and “bbb” are included in group 2 “Tuesday” of which a group identifier for identifying a group is “Tuesday.” That is, the user list is correlated with individuals and groups. In this embodiment, for the purpose of simplification of explanation, only user identifiers are included as data included in groups in the user list, but the present disclosure is not limited thereto, and a plurality of types of data may be included. For example, data on one or more attributes (for example, sex and age) of individuals identified by the user identifiers may be included in addition to the user identifiers.

No user identifiers overlap in the same group. For example, only one user identifier “aaa” is included in group 1 “Monday,” and two or more user identifiers “aaa” are not present therein. On the other hand, a user identifier may overlap in different groups. For example, the user identifier “aaa” is included in group 1 “Monday” and group 2 “Tuesday.”

The input unitgenerates collation identifiers which are identifiers for identifying the individuals and the groups in the data and correlates the generated collation identifiers with the data. The input unitgenerates the collation identifiers from a group identifier for identifying a group to be collated and the user identifiers. The collation identifier identifies a group in which both data to be collated is collated.

is a diagram illustrating an example of data in which a collation identifier is correlated with the data (user list) illustrated in. As illustrated in, the input unitgenerates a collation identifier “AAA$” from the user identifier “aaa” and the group identifier “Monday” and correlates the generated collation identifier with the user list. Here, “AAA” in the collation identifier “AAA$” corresponds to (is correlated with) the user identifier “aaa”, and “$” corresponds to (is correlated with) the group identifier “Monday.” Similarly, the input unitgenerates a collation identifier “BBB$” from the user identifier “bbb” and the group identifier “Monday,” generates a collation identifier “AAA #” from the user identifier “aaa” and the group identifier “Tuesday,” generates a collation identifier “BBB #” from the user identifier “bbb” and the group identifier “Tuesday,” and correlates the generated collation identifiers with the user list. “BBB” in the collation identifier corresponds to (is correlated with) the user identifier “bbb”, and “#” corresponds to (is correlated with) the group identifier “Tuesday.”

In this embodiment, correspondence between the user identifier “aaa” and the group identifier “Monday” can be easily understood, for example, by setting the collation identifier to “AAAS,” but the input unitmay generate a collation identifier from which the correspondence is excluded and correlate the generated collation identifier with the user list. For example, the input unitmay use data (irreversibly converted data) obtained by multiplying a hash function by data based on a combination of a user identifier and a group identifier as a collation identifier.

As illustrated in, in the user list correlated with the collation identifier, the collation identifier “AAA$” and “BBB$” may be included in group 1 “Monday,” and the collation identifiers “AAA #” and “BBB #” may be included in group 2 “Tuesday.”

The input unitmay output the data correlated with the collation identifiers to the aggregation unitor may store the data in the storage unit.

The input unitreceives an input of calculation information on a predetermined (arbitrary) calculation (a calculation method). The predetermined calculation may be a calculation which is designated by a user (of the data aggregation device) or may be calculation indicated by calculation information stored in advance in the storage unit. The predetermined calculation may be, for example, a sum of all the groups (or a week sum), an average, or a difference. The input unitmay output the calculation information to the aggregation unitor may store the calculation information in the storage unit.

Here, description of the data aggregation devicewill be stopped and description of the data transmission devicewill be provided.

is a diagram illustrating an example of the functional configuration of the data transmission deviceaccording to the embodiment. As illustrated in, the data transmission deviceincludes a storage unit, an input unit, and a transmission unit. The functional blocks of the data transmission deviceare

assumed to operate in the data transmission device, but are not limited thereto. For example, some of the functional blocks of the data transmission devicemay be provided in a computer device other than the data transmission deviceand connected to the data transmission devicevia a network and serve to appropriately transmit and receive information to and from the data transmission device. Some functional blocks of the data transmission devicemay be omitted, a plurality of functional blocks may be unified into one functional block, and one functional block may be divided into a plurality of functional blocks.

The functions of the data transmission deviceillustrated inwill be described below. The storage unitand the input unithave the same functions as the storage unitand the input unitof the data aggregation device. Description of the same functions will be appropriately omitted.

The storage unitstores arbitrary information used for calculation or the like in the data transmission device, calculation results in the data transmission device, and the like. For example, the storage unitstores the aforementioned data possessed by company B. Information stored in the storage unitmay be appropriately referred to by the functions of the data transmission device.

The input unitreceives an input of data to be collated. The input data is correlated with individuals and groups. For example, the input unitreceives an input of data possessed by company B and stored in the storage unit.

is a diagram illustrating an example of data possessed by company B. The data illustrated inis user-specific location information which is location information of individuals for each group. As illustrated in, in the user-specific location information, a set of the user identifier “aaa” and location information “area A” (which indicates that an individual identified by the user identifier “aaa” is located in area A) and a set of the user identifier “bbb” and location information “area C” (which indicates that an individual indicated by the user identifier “bbb” is located in area C) are included in group 1 “Monday” in which the group identifier is “Monday,” and a set of the user identifier “aaa” and location information “area C” and a set of the user identifier “bbb” and location information “area B” are included in group 2 “Tuesday.” That is, the user-specific location information is correlated with individuals and groups. In this embodiment, user-specific location information including location information is employed as an example of the data possessed by company B, but the present disclosure is not limited to the location information, and one or more pieces of arbitrary data may be included. For example, data on one or more attributes (for example, sex and age) of individuals identified by the user identifiers may be included in addition to the user identifiers and the location information.

No user identifiers overlap in the same group. On the other hand, a user identifier may overlap in different groups.

The input unitgenerates collation identifiers which are identifiers for identifying the individuals and the groups in the input data and correlates the generated collation identifiers with the data.is a diagram illustrating an example of data in which a

collation identifier is correlated with the data (the user-specific location information) illustrated in. As illustrated in, for example, the input unitgenerates a collation identifier “AAA$” from the user identifier “aaa” and the group identifier “Monday” and correlates the generated collation identifier with the user-specific location information. Similarly, the input unitgenerates a collation identifier “BBB$” from the user identifier “bbb” and the group identifier “Monday,” generates a collation identifier “AAA #” from the user identifier “aaa” and the group identifier “Tuesday,” generates a collation identifier “BBB #” from the user identifier “bbb” and the group identifier “Tuesday,” and correlates the generated collation identifiers with the user-specific location information.

As illustrated in, in the user-specific location information correlated with the collation identifiers, a set of the collation identifier “AAA$” and the location information “area A” and a set of the collation identifier “BBB$” and the location information “area C” may be included in group 1 “Monday,” and a set of the collation identifier “AAA #” and the location information “area C” and a set of the collation identifier “BBB #” and the location information “area B” may be included in group 2 “Tuesday.”

The input unitmay output the data correlated with the collation identifiers to the transmission unitor may store the data in the storage unit.

The transmission unittransmits the data correlated with the collation identifier which is input from the input unitor the data correlated with the collation identifier which is stored in the storage unitto (the aggregation unitof) the data aggregation device(for the purpose of collation and aggregation).

The data transmission devicehas been described hitherto. Description of the data aggregation devicewill be continued.

The aggregation unitcollates and aggregates data correlated with collation identifiers for each group on the basis of the collation identifiers. The aggregation unitaggregates data for each group and calculates group-specific aggregation results (aggregation data).

is a diagram illustrating a situation in which the data illustrated inand the data illustrated inare collated and aggregated. Specifically, the aggregation unitcollates (counts data with the same collation identifier) or the like and aggregates a collation identifier included in a user list and a collation identifier included in user-specific location information for group 1 “Monday.” That is, the aggregation unitaggregates data for day. Both a day (a group) and an individual can be identified using a collation identifier. Since group-specific aggregation results can be identified, a degree of freedom in calculation which will be described later is high.

The aggregation unitmay perform the aggregation using a secure computation. The aggregation unitmay collate and aggregate data which is de-identified. That is, the input unitand the input unitmay receive an input of de-identified data (in advance) (de-identification process is performed thereon before the data is input) or may de-identify the input data. De-identification refers to a process of excluding identifiability between original data and de-identified data. Specifically, when data with an individual table type is assumed, irreversible conversion of information which is key attributes and a process of preventing re-identification from a combination of attribute information associated with the key attributes, a data structure, or the like are assumed, but the present disclosure is not limited thereto.

The aggregation unitmay output the calculated group-specific aggregation data to the calculation unitor may store the data in the storage unit.

The calculation unitperforms a predetermined calculation on the group aggregation results (the group-specific aggregation data) from the aggregation unit(input by the aggregation unit). The predetermined calculation may be a calculation indicated by calculation information input from the input unitor may be a calculation indicated by calculation information stored in the storage unit. The predetermined calculation may integrate the group aggregation results from the aggregation unit. The calculation unitmay put the group-specific aggregation data into a pool and perform the predetermined calculation using the whole data.

is a diagram illustrating an example of group aggregation data. The aggregation data illustrated inindicates that there areindividuals located in area A on Monday, there areindividuals located in area B on Monday, there areindividuals located in area C on Monday, there areindividuals located in area A on Tuesday, there areindividuals located in area B on Tuesday, and there areindividuals located in area C on Tuesday.